From a4ba964bb9cbb0929c9e48bc298881d2e989356d Mon Sep 17 00:00:00 2001 From: lablans Date: Fri, 6 Oct 2023 07:59:39 +0000 Subject: [PATCH 1/3] CI/CD Docker --- .github/workflows/rust.yml | 171 +++++++++++++++++++++++++++++++++++++ Cross.toml | 2 + Dockerfile | 16 ++++ 3 files changed, 189 insertions(+) create mode 100644 .github/workflows/rust.yml create mode 100644 Cross.toml create mode 100644 Dockerfile diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml new file mode 100644 index 0000000..10d29de --- /dev/null +++ b/.github/workflows/rust.yml @@ -0,0 +1,171 @@ +name: Build with rust and docker + +on: + push: + workflow_dispatch: + pull_request: + schedule: + # Fetch new base image updates every night at 1am + - cron: '0 1 * * *' + +env: + CARGO_TERM_COLOR: always + PROFILE: release + +jobs: + pre-check: + name: Security, License Check + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v3 + - uses: EmbarkStudios/cargo-deny-action@v1 + + build-rust: + name: Build (Rust) + runs-on: ubuntu-22.04 + + strategy: + matrix: + arch: + - amd64 + - arm64 +# features: +# - "" + + steps: + - name: Print matrix vars + run: | + echo "Arch: ${{ matrix.arch }}" + echo "Features: ${{ matrix.features }}" + - name: Set arch ${{ matrix.arch }} + env: + ARCH: ${{ matrix.arch }} + run: | + if [ "${ARCH}" == "arm64" ]; then + echo "rustarch=aarch64-unknown-linux-gnu" >> $GITHUB_ENV + elif [ "${ARCH}" == "amd64" ]; then + echo "rustarch=x86_64-unknown-linux-gnu" >> $GITHUB_ENV + else + exit 1 + fi + if [ "$(dpkg --print-architecture)" != "${ARCH}" ]; then + echo "Cross-compiling to ${ARCH}." + echo "is_cross=true" >> $GITHUB_ENV + else + echo "Natively compiling to ${ARCH}." + echo "is_cross=false" >> $GITHUB_ENV + fi + - name: Set profile ${{ env.PROFILE }} + env: + PROFILE: ${{ env.PROFILE }} + run: | + if [ "${PROFILE}" == "release" ]; then + echo "profilestr=--release" >> $GITHUB_ENV + elif [ "${PROFILE}" == "debug" ]; then + echo "profilestr=" >> $GITHUB_ENV + else + echo "profilestr=--profile $PROFILE" >> $GITHUB_ENV + fi + - uses: actions/checkout@v3 + - uses: actions-rs/toolchain@v1 + with: + toolchain: stable + override: true + target: ${{ env.rustarch }} + - uses: Swatinem/rust-cache@v2 + with: + key: ${{ matrix.arch }}-${{ env.PROFILE }} + prefix-key: v1-rust-${{ matrix.features && format('features_{0}', matrix.features) || 'nofeatures' }} # Increase to invalidate old caches. + - name: Build (cross to ${{ matrix.arch }}) + if: env.is_cross == 'true' + uses: actions-rs/cargo@v1 + with: + use-cross: ${{ env.is_cross }} + command: build + args: --target ${{ env.rustarch }} ${{ matrix.features && format('--features {0}', matrix.features) }} ${{ env.profilestr }} + - name: Build (native) + if: env.is_cross == 'false' + run: | + BINS=$(cargo build --tests --bins --message-format=json --target ${{ env.rustarch }} ${{ matrix.features && format('--features {0}', matrix.features) }} ${{ env.profilestr }} | jq -r 'select(.profile.test == true) | .executable | select(. != null)') + mkdir -p testbinaries/ + for testbin in $BINS; do + mv -v $testbin testbinaries/ + done + - name: Upload (bins) + uses: actions/upload-artifact@v3 + with: + name: binaries-${{ matrix.arch }}-${{ matrix.features }} + path: | + target/${{ env.rustarch }}/${{ env.PROFILE }}/beamctl + - name: Upload (test, native only) + if: matrix.arch == 'amd64' + uses: actions/upload-artifact@v3 + with: + name: testbinaries-${{ matrix.arch }}-${{ matrix.features }} + path: | + testbinaries/* + + test: + name: Run tests + needs: [ build-rust ] + runs-on: ubuntu-22.04 + + strategy: + matrix: + features: + - "" + - "sockets" + + steps: + - uses: actions/checkout@v3 + - name: Download bins + uses: actions/download-artifact@v3 + with: + name: binaries-amd64-${{ matrix.features }} + path: artifacts/binaries-amd64/ + - name: Download tests + uses: actions/download-artifact@v3 + with: + name: testbinaries-amd64-${{ matrix.features }} + path: testbinaries/ + - run: ./dev/test ci ${{ matrix.features && format('--features {0}', matrix.features) }} + + docker: + needs: [ build-rust, pre-check, test ] + if: github.ref_protected == true || github.event_name == 'workflow_dispatch' + + strategy: + matrix: + components: + - beamctl +# features: +# - "" +# - "sockets" + + # This workflow defines how a maven package is built, tested and published. + # Visit: https://github.com/samply/github-workflows/blob/develop/.github/workflows/docker-ci.yml, for more information + uses: samply/github-workflows/.github/workflows/docker-ci.yml@main + with: + # The Docker Hub Repository you want eventually push to, e.g samply/share-client + image-name: "samply/beamctl" + image-tag-suffix: ${{ matrix.features && format('-{0}', matrix.features) }} + # Define special prefixes for docker tags. They will prefix each images tag. + # image-tag-prefix: "foo" + # Define the build context of your image, typically default '.' will be enough + # build-context: '.' + # Define the Dockerfile of your image, typically default './Dockerfile' will be enough + build-file: './Dockerfile' + # NOTE: This doesn't work currently + # A list of build arguments, passed to the docker build + build-args: | + FEATURE=-${{ matrix.features }} + COMPONENT=${{ matrix.components }} + # Define the target platforms of the docker build (default "linux/amd64,linux/arm64/v8") + # build-platforms: "linux/amd64" + # If your actions generate an artifact in a previous build step, you can tell this workflow to download it + artifact-name: '*' + # This passes the secrets from calling workflow to the called workflow + secrets: + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/Cross.toml b/Cross.toml new file mode 100644 index 0000000..5f17f96 --- /dev/null +++ b/Cross.toml @@ -0,0 +1,2 @@ +[target.aarch64-unknown-linux-gnu] +pre-build = ["dpkg --add-architecture arm64 && apt-get update && apt-get install --assume-yes libssl-dev:arm64 && rm -rf /var/lib/apt/lists/*"] diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..fc90e61 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +# This Dockerfile is infused with magic to speedup the build. +# In particular, it requires built binaries to be present (see COPY directive). +# +# tl;dr: To make this build work, run +# ./dev/beamdev build +# and find your freshly built images tagged with the `localbuild` tag. + +FROM alpine AS chmodder +ARG FEATURE +ARG TARGETARCH +COPY /artifacts/binaries-$TARGETARCH$FEATURE/beamctl /app/beamctl +RUN chmod +x /app/* + +FROM gcr.io/distroless/cc-debian12 +COPY --from=chmodder /app/beamctl /usr/local/bin/ +ENTRYPOINT [ "/usr/local/bin/beamctl" ] From 4db978748aabe65700f98206f0ebbe5d3bc88e39 Mon Sep 17 00:00:00 2001 From: lablans Date: Fri, 6 Oct 2023 08:02:18 +0000 Subject: [PATCH 2/3] Add Docker Hub readme --- .github/workflows/dockerhub_readme.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 .github/workflows/dockerhub_readme.yml diff --git a/.github/workflows/dockerhub_readme.yml b/.github/workflows/dockerhub_readme.yml new file mode 100644 index 0000000..8762c49 --- /dev/null +++ b/.github/workflows/dockerhub_readme.yml @@ -0,0 +1,21 @@ +name: Update Docker Hub Readme +on: + push: + branches: + - main +jobs: + PushContainerReadme: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Sync Readme + uses: lablans/sync-dockerhub-readme@feature/replace-patterns + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD_REQUIRED_FOR_README_SYNC }} + repository: ${{ github.repository }} + readme: "./README.md" + replace_pattern: "](./" + replace_with: "](https://raw.githubusercontent.com/${{ github.repository }}/${{ github.ref_name }}/" From ef4d4db2dcebe2ce36a60aa5678c67202163d46c Mon Sep 17 00:00:00 2001 From: lablans Date: Fri, 6 Oct 2023 08:06:46 +0000 Subject: [PATCH 3/3] Fix tests --- .github/workflows/rust.yml | 10 ++++----- dev/test | 43 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 5 deletions(-) create mode 100755 dev/test diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 10d29de..59d31de 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -111,11 +111,11 @@ jobs: needs: [ build-rust ] runs-on: ubuntu-22.04 - strategy: - matrix: - features: - - "" - - "sockets" +# strategy: +# matrix: +# features: +# - "" +# - "sockets" steps: - uses: actions/checkout@v3 diff --git a/dev/test b/dev/test new file mode 100755 index 0000000..c40a0ea --- /dev/null +++ b/dev/test @@ -0,0 +1,43 @@ +#!/bin/bash -e + +SD=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) + +cd $SD + +#source beamdev noop + +#function start() { +# trap "echo; echo; clean" EXIT +# start_bg +#} + +#function test() { +# for test in test_*.sh; do +# echo "=======" +# echo "=> $(basename $test) ..." +# source $test +# done +# +# echo -e " ${COL_GREEN}All tests have completed successfully.${COL_NONE}" +#} + +case "$1" in + noci) + test + shift + cargo test $@ + ;; + ci) +# start +# test + shift + for testbin in $SD/../testbinaries/*; do + chmod +x $testbin + $testbin + done + ;; + *) + echo "Usage: $0 noci|ci" + exit 1 + ;; +esac